Title
certMILS: Compositional security certification for medium- to high-assurance COTS-based systems in environments with emerging threats
(EU, Horizon 2020)
Abstract
certMILS develops a security certification methodology for cyber-physical systems (CPS). CPS are characterised by their safety-critical nature, complexity, connectivity, and open technology. A common downside of CPS complexity and openness is a large attack surface and a high degree of dynamism that may lead to complex failures and irreparable physical damage. The legitimate fear of security or functional safety vulnerabilities in CPS results in arduous testing and certification processes. Once fielded, many CPS suffer from the motto: never change a running system.
certMILS increases the economic efficiency and European competitiveness of CPS development, while demonstrating the effectiveness of safety & security certification of composable systems.
The project employs a security-by-design concept originating from the avionics industry: Multiple Independent Levels of Security (MILS), which targets controlled information flow and resource usage amongst software applications.
certMILS reduces certification complexity, promotes re-use, and enables secure updates to CPS throughout its lifecycle by providing certified separation of applications, i.e. if an application within a complex CPS fails or starts acting maliciously, other applications are unaffected.
Security certification of complex systems to medium and high assurance levels is not solved today. The existing monolithic approaches cannot cope with the complexity of modern CPS. certMILS uses ISO/IEC 15408 and IEC 62443 to develop and apply a compositional security certification methodology to complex, composable safety-critical systems operating in constantly evolving hostile environments. The core results of certMILS are standardised in a protection profile.
certMILS develops three composable industrial CPS pilots:
- smart grid,
- railway,
- subway.
It certifies the security of critical re-usable components and ensures security certification of the pilots by certification labs in three EU countries, with involvement of the authorities.
Links
- http://certmils.eu (to be published early 2017)
- euromils.eu (the preceding project) and the MILS community
- Podcast, part one: certMILS H2020 Project: Security Certification to Protect Critical Infrastructure
- Podcast, part two: certMILS H2020 Project: Security Certification to Protect Critical Infrastructure
Project period
4 years (01.01.2017 - 31.12.2020)
Research grant
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 731456
Industry Support
The Institute is supported by the company ANSYS / Esterel with licences for the formal software modelling system SCADE. The software is used for academic research in the openETCS and certMILS projects and in education, especially for embedded systems.
Principal investigators
Dipl.-Ing. Thorsten Schulz
Dr.-Ing. Frank Golatowski
Tel.: +49 381 498 7274
Room: 103
Prof. Dr.-Ing. Dirk Timmermann
Tel.: +49 381 498 7250
Room: 105
Prof. Dr.-Ing. habil. Christian Haubelt
Tel.: +49 381 498 7280
Room: 101
Publications
Benjamin Rother, Frank Golatowski, Zeeshan Ansar, Don Kuzhiyelil, Stefan Resch, Reinhard Hametner, Prashant Pathak:
Analysis of Safety-Critical Communication Protocols for On-Premise SIL4 Cloud in Railways
In Proceedings of the 4th International Conference on Reliability, Safety, and Security of Railway Systems (RSSRail 2022), pp. 211-220, DOI: 10.1007/978-3-031-05814-1_15, Paris, France, June 2022
Andreas Hohenegger, Gerald Krummeck, Janie Baños, Alvaro Ortega, Michal Hager, Jiri Sterba, Tomas Kertis, Petr Novobilsky, Jan Prochazka, Benito Caracuel, Ana Lourdes Sanz, Francisco Ramos, Holger Blasum, Mario Brotz, Caspar Gries, Torsten Vögler, Jan Neškudla, Jan Rollo, Lisa Burgstaller, Martina Truskaller, Klaus-Michael Koch, Technikon, Reinhard Hametner, Sandro Rauscher, Peter Tummeltshammer, Thales Austria, Frank Golatowski, Thorsten Schulz:
Security certification experience for industrial cyberphysical systems using Common Criteria and IEC 62443 certifications in certMILS
In Proceedings of the 4th IEEE International Conference on Industrial Cyber-Physical Systems (ICPS), pp. 25-30, DOI: 10.1109/ICPS49255.2021.9468241, Victoria, BC, Canada, May 2021
Thorsten Schulz, Frank Golatowski, Dirk Timmermann:
Integration Approach for Communications-based Train Control Applications in a High Assurance Security Architecture
In Proceedings of the International Conference on Reliability, Safety, and Security of Railway Systems 2019 (RSSRail), pp. 272-283, DOI: 10.1007/978-3-030-18744-6_18, Lille, France, June 2019 (Best Student Paper Award)
Thorsten Schulz, Caspar Gries, Frank Golatowski, Dirk Timmermann:
Strategy for Security Certification of High Assurance Industrial Automation and Control Systems
In Proceedings of the IEEE 13th International Symposium on Industrial Embedded Systems (SIES), pp. 1-4, ISSN: 2150-3117, DOI: 10.1109/SIES.2018.8442081, Graz, Austria, August 2018
Thorsten Schulz, Frank Golatowski, Dirk Timmermann:
In Search for a Simple Secure Protocol for Safety-Critical High-Assurance Applications
In Proceedings of the International Workshop on MILS: Architecture and Assurance for Secure Systems, pp. 1-4, DOI: 10.5281/zenodo.1306101, Luxembourg, Luxembourg, June 2018
Thorsten Schulz, Frank Golatowski, Dirk Timmermann:
Evaluation of a Formalized Encryption Library for Safety-Critical Embedded Systems
In Proceedings of the IEEE IES International Conference on Industrial Technology, Toronto, Canada, March 2017
Frank Golatowski, Thorsten Schulz, Mehmet Özer, Philipp Gorski:
Zugsteuerung nach dem Baukastenprinzip (Modular train control)
In Elektronik, No. 18, pp. 42-49, ISSN: 0013-5658, Haar, Germany, September 2016